31149 – Calling databaseIdentifier on LocalStorage's background thread is not safe.

Bug 31149 - Calling databaseIdentifier on LocalStorage's background thread is not safe.

Summary: Calling databaseIdentifier on LocalStorage's background thread is not safe.

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	New Bugs (show other bugs)
Version:	528+ (Nightly build)
Hardware:	PC OS X 10.5

Importance:	P2 Normal
Assignee:	Jeremy Orlow

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-11-04 19:03 PST by Jeremy Orlow
Modified:	2009-11-05 00:58 PST (History)
CC List:	3 users (show)

See Also:

Attachments
Patch (4.42 KB, patch) 2009-11-04 19:05 PST, Jeremy Orlow	fishd: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jeremy Orlow 2009-11-04 19:03:44 PST

Calling SecurityOrigin::databaseIdentifier on LocalStorage's background thread is not safe.  databaseIdentifier does a bunch of string concatenation which ref-counts StringImpls in some cases.  This was caught by valgrind thread sanitizer: http://code.google.com/p/chromium/issues/detail?id=25645

There's no way to test for such racyness, unfortunately.

Comment 1 Jeremy Orlow 2009-11-04 19:05:58 PST

Created attachment 42537 [details]
Patch

Comment 2 Jeremy Orlow 2009-11-05 00:58:56 PST

Committed r50557: <http://trac.webkit.org/changeset/50557>